From a single workstation, keep tabs on nets anywhere

Federal agencies faced with managing global computer networks are turning to a new
monitoring application that proves it's a small world after all.


An agency's support staff could, say, use the app to monitor and sometimes fix
malfunctioning


routers in Guam, a burned-out terminal in San Francisco or a broken cable in Panama
from one location using the Integrated Network Management System (INMS).


The Wang tool, which keeps track of individual circuits and cables on massive networks,
can run on a single high-end workstation.


"This puts the world in a box," said Rick Ward, vice president of Wang
Federal Systems Inc. of McLean, Va. "And it's a simple interface. You don't have to
be a Unix geek to use it."


The Defense Information Systems Agency was the first to field the system. Wang has five
contracts, totaling $100 million, with DISA for the system, Ward said. The system itself
was built for around $20 million.


"Each element has its own system," said James L. Smith, branch chief of
DISA's Operations Support Branch. "But before, there was no relationship between any
of the systems. What the INMS does is pull in feed from all those systems and provides an
integrated view."


The INMS receives error messages from linked DISA systems around the world and
pinpoints trouble spots. "It can correlate that alarm information and come up with
the root cause," Smith said. "So an operator can concentrate on what the problem
is and not use valuable time to troubleshoot."


A one-day snapshot of the DISA system runs on a Sun Microsystems Inc. Ultra workstation
in Ward's branch office. Although the system is fast on the high-end workstation, Ward
said a system as complex as DISA's would not run on lower-end computers.


When Wang tried to run the application on a Sun Sparcstation 20, it took nearly 30
minutes to boot and run the program. But lower-end Unix machines would work fine for
monitoring networks less complex than DISA's, Ward said.


For DISA, the program opens with a screen showing a global view of the networks and
systems the agency supports for DOD users worldwide. Red dots represent trouble spots.


A data capture example from the app showed a broken network switch at a military base
in South Korea. Clicking down through the network layers increased the level of detail
about the problem. Ward zeroed in on the broken switch and traced its detrimental effects
on network traffic.


Besides the ability to reroute traffic around trouble spots, administrators watching
the system can fix minor problems from a desktop half a world away.


"If it is even remotely fixable, you can do it right from the terminal," Ward
said. "Telnet access lets users reinitialize switches, reboot machines or even write
new script files."


Of course on the DISA system, security is a primary concern, Smith said. Although
top-level officials at DISA can look at any component on any system, network monitoring
staff members get access only to the systems they are charged with maintaining.


INMS supports real-time monitoring of every component in a network at the highest
levels. The program periodically updates information about bottom-rung components.


Smith said some commanders in the field do not want people from remote locations
working on their networks. To inform local commanders of network malfunctions without
actually fixing them, the system lets DISA staff send trouble tickets describing the
problem to a local technician. A personnel database provides DISA's monitoring staff
members with the names and contact data for field technicians.


Two INMS features make it possible to monitor disparate networks remotely.


The first is the system's ability to monitor error and fail messages from many
different computers and devices. That's where engineers get to roll up their sleeves in
the field, Ward said.


Because some of the aging machines were not built for networking, engineers have to be
creative in getting system status data to the monitoring network.


"On one machine we had no standard way of connecting it," Ward said. "So
we ended up hooking a cable into the printer port and getting system information as an
ASCII file and translating it."


In other cases, the system monitors cables between dumb terminals for transmission
quality. If all the cables surrounding a terminal are down, the system makes the
assumption that something is wrong, Ward said.


The other component of the monitoring system that keeps data manageable is traffic
filtering. If an error message were generated every time a runway light blew out or a
network switch hiccupped, there would be thousands of messages each second, Ward said.


Only when something fails and begins to harm other components in the network are the
highest level operators notified, he said. Routine maintenance tasks are left to the local
technicians.


INMS has commercial components that Wang customizes for each user. The database of
network components is from Oracle Corp. Remedy Corp. of Mountain View, Calif., supplies
the trouble ticketing application. The programs that translate system warnings and the
monitor interfaces come from Objective Systems Integrators of Folsom, Calif., and
Accugraph Inc. of El Paso, Texas.


Other federal agencies are also installing INMS. The Federal Aviation Administration
plans to use it to monitor the new National Airspace System. FAA officials said parts of
the system would begin rolling out next month.


About the Author

John Breeden II is a freelance technology writer for GCN.

inside gcn

  • open doors to cloud (Sergey Nivens/Shutterstock.com)

    New vendors join FedRAMP Connect

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above